从二头肌中的Azure应用服务访问应用程序ID(客户端)ID
在二头肌中,我正在配置Azure API管理策略,该策略可以为特定的后端应用程序服务提供托管服务身份。
这通常是通过设置这样的XML片段来完成的:
<policies>
<inbound>
<authentication-managed-identity resource="4d192d04-XXXX-461f-a6ab-XXXXXXXXXXXX" />
<base />
</inbound>
</policies>
我现在正在寻找的是如何从二头肌模板中的现有应用程序中检索特定的资源 ID。
下面我现有的二头肌模板中的一些片段:
// The App Service declaration
@description('API Website')
resource backendapi 'Microsoft.Web/sites@2021-03-01' = {
name: 'backend-${environment}'
kind: 'app,linux,container'
location: location
// left out properties, etc for brevity
// This is where I want to retrieve the client ID from that web app, but this fails:
var managed_identity_id = backendapi.identity.principalId
部署上述模板时,我会得到以下例外(尽管Identity.principalid已被Visual Studio Code Intellisense指示有效。
The language expression property 'identity' doesn't exist, available properties are 'apiVersion, location, tags, kind, properties, condition, deploymentResourceLineInfo, existing, isConditionTrue, subscriptionId, resourceGroupName, scope, resourceId, referenceApiVersion, isTemplateResource, isAction ,Provisioningingoperation'
因此,我的问题是,如何在二头肌文件中从应用程序服务访问该属性。该值的属性显示在以下屏幕截图中:
In bicep, I am configuring an Azure API Management policy that enables the managed service identity for a specific backend App Service.
This is typically done by setting an XML fragment like this:
<policies>
<inbound>
<authentication-managed-identity resource="4d192d04-XXXX-461f-a6ab-XXXXXXXXXXXX" />
<base />
</inbound>
</policies>
What I am now looking for, is how to retrieve that specific resource id from the existing App Service, in my bicep template.
Some fragments from my existing bicep template below:
// The App Service declaration
@description('API Website')
resource backendapi 'Microsoft.Web/sites@2021-03-01' = {
name: 'backend-${environment}'
kind: 'app,linux,container'
location: location
// left out properties, etc for brevity
// This is where I want to retrieve the client ID from that web app, but this fails:
var managed_identity_id = backendapi.identity.principalId
When deploying the above template, I get the following exception (although the identity.principalId was indicated to be valid by the Visual Studio Code intellisense.
The language expression property 'identity' doesn't exist, available properties are 'apiVersion, location, tags, kind, properties, condition, deploymentResourceLineInfo, existing, isConditionTrue, subscriptionId, resourceGroupName, scope, resourceId, referenceApiVersion, isTemplateResource, isAction, provisioningOperation'
So my question is, how can I access the property from an App Service, in a bicep file. The property of which the value is shown in the following screenshot:
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如评论部分中所述,您正在寻找Web应用程序auth设置: microsoft.web sites/config'authetnettingsv2'2020-12-01
您可以为azureread airter for the ClientId for the ClientId for like and aird auth。
As explained in the comment section, you are looking for the web app auth settings: Microsoft.Web sites/config 'authsettingsV2' 2020-12-01
You could retrieve the clientId for AzureAD Auth Like that: